IS LavaSoft homepage using tracking cookies?

While looking into some tracking cookies for the next release of Spybot-S&D, I came across a cookie of coyote.com. Curious as I am, I had a look at it. At over 200 Bytes it was quite big, and it contained 4 urls for just one visit. I told one of my beta-testers, who found the same cookie on his system.

Well, why shouldn't the people at LavaSoft don't use cookies? There are also useful reasons for cookies...

But it was interesting to us why the cookie was so large, and so my tester (fred) posted a question at the LavaSoft forum to ask what the cookie does. I read the message shortly after he posted it, but quarter an hour later, the message had vanished.
So he posted again, saying again that he wasn't charging them with anything, just asking for the purpose and contents of the cookie. I also read that second posting, so it was definitively online. But guess what? An hour later it was as if he never had posted it.
Both postings were not offensive, just asking.

I think this forum is more neutral and also interested in the question what is so special about the cookies that they delete two postings asking about it. I you guys at LavaSoft visit here, please tell us!!!

(I really don't want to bad-mouth LavaSoft, and I can't imagine they would misuse cookies, but I am very curious what they have to hide to go as far as to delete postings!)

I do not control the placement of the cookie by the server on which my site resides and that is stated in my privacy policy

I did not know of any postings till now

Information collected
There are cookies set by the server that this site resides
on to monitor page views and bandwidth
and unique stats associated with the site to allow me to
verify needs of this site as well as monitor this aggregated data.

I registered for this forum to make one statement. Tracking cookies ARE in place on TomCoyote's site, to monitor usage.
Today there were 21000 (twenty one thousand) page views.
Of these, 21 (Twenty One) were page views of the Privacy Policy. If you block cookies, you won't have any cookies. The site still works. If you wish to communicate with TomCoyote personally, there is a link on his site and it works. He also moderates in spywareinfoforum.com 's chat room, and is usually there every evening. I also do this. I will be happy to communicate about any spyware related issue, to anyone who wishes to join the chat. Thank You All, for allowing us to address this issue. Mitch_Shrader

I appreciate the work of Lavasoft and AdAware - especially for free, so it's hard to complain!

I am confused as to who "Coyote" is (as it was not signed) and who Ann is. Are one or both associated/own Lavasoft? If so, thanks for coming here to help explain the cookie situation. I DID understand the message from Mitch was as a representative of the TomCoyote.com site which is acting as a mirror.

But I'm still confused. With all due respect, the main question from our member, PepiMK, was not answered. Not only was it not answered, it was shooed away like flies at a picnic by simply saying, " I did not know of any postings till now." If this was a representative from Lavasoft, I am sure more than just PepiMK and myself are curious as to why there was not more concern shown about posts being removed. This is a security forum, so naturally there's an interest in cookies. It seems any questions could have beeen answered (as they were here) rather than be removed, apparently twice! Who moderates the forum? Who has the ability to remove posts? Why, if one of the posts was from a Lavasoft representative did we not here that removing posts about legitimate questions won't be tolerated on the Lavasoft Forum?

PepiMK's question was more geared to that, and even went out of the way to not question the cookie itself (except asking about the size, which is what the post that was removed, was about!).

But it was interesting to us why the cookie was so large, and so my tester (fred) posted a question at the LavaSoft forum to ask what the cookie does. I read the message shortly after he posted it, but quarter an hour later, the message had vanished.
So he posted again, saying again that he wasn't charging them with anything, just asking for the purpose and contents of the cookie. I also read that second posting, so it was definitively online. But guess what? An hour later it was as if he never had posted it.
Both postings were not offensive, just asking.

I think this forum is more neutral and also interested in the question what is so special about the cookies that they delete two postings asking about it. I you guys at LavaSoft visit here, please tell us!!!

(I really don't want to bad-mouth LavaSoft, and I can't imagine they would misuse cookies, but I am very curious what they have to hide to go as far as to delete postings!)

Click to expand...

I think that's a fair question. As one very much interested in privacy, I hate to see questions about cookies or anything else being posted to a software forum and removed rather than answered. That's the real question and some of us would like to know who would do that, and why?

For most of us in this security forum, that Wilder's has done such a great job of building and bringing a community of those interested in these issues together, TRUST means everything in deciding to use, or not use a product. If a company was taking down posts they are possibly embarrased by, or don't want to deal with, I am guessing a majority here would have questions about that. Someone apparently removed the posts - why?

Are there any answers to the central question posed by our fellow member here at Wilder's -- PepiMK?

I did not see the posts, but I am the owner and sole operator of TomCoyote.com and I am also Coyote of TeamLavasoft 2002

I did not know of the posts in our forum until I was told of them by spy1 and immediatly came here to find out more.

Personaly, I feel that this could have been handled differently by both sides, to start with, my email address is publically displayed on my site, as well as a privacy policy that states the purpose of the cookies.

If the posts were made appropriately I do not know why they would have been removed from our forum,
as I did not see them I cannot be the judge, I have posted in our mod forum information about my site for the future for mods to know about.

As it is my site and not Lavasoft's, I wish that you consult with me about improper things on my site.

I work a full time job before I start sitting down to my computer each day to help on catching and removing spyware from the internet and users computers and I had just signed on today when I got the PM from spy1 and to say the least, I am surprised that I was not given the opportunity to explain anything by email and rather had to find out that someone was investigating me just because of a cookie. You people should know better than that.

And I am a registered user here so that information is there.
Ann is Bee from Lavasoft

As this topic is a little about me (I posted the two questions at the Lavasoft Forum) I would like to state that at first I just wanted some clarification. But now I have adistinct feeling that Lavasoft has beek kind of hyjacked. Even if I send an e-mail to bee (Ann-Christine) I got answered by TomCoyote. We, security minded users) have aright to get informed of crucial changes to Lavasoft. Trust us and we trust you. Be open about everything because the spyware-companies are closed like a shell.

1) Fret: IMO your questions have been valid ones. On the other hand there is no reason in any way to conclude LS "has been hijacked" - that's just one step too far.

This thread is not mend to turn into somekind of controversy.

2) Tom: IMO there's nothing wrong in asking a valid question in a decend way over on the LS board - that's what the board is for. In my view it would have been reasonable if th one(s) responsible for deleting the postings had informed you at the spot - and answered likewise to the question asked. This would have avoided all this happening.

Deleting postings in regard to polite and valid questions on the LS board is bound to have an effect: the same question will be asked on a different board. Since you mirror for LS (a good thing - I applaud you for doing so), being a mod and LS Team member as well, it's not that strange at all this question has been asked on the LS board; as it shows in this thread, it's not that clear for anyone to distinguish where LS stops and coyote.com starts. I'm sure none of the LS Team members nor mods would be happy if anyone would email them personally instead of taking the obvious way: posting on the LS board.

Ann (major LS Team member together with Nicholas/Urizen) merely answered "the LS site is elsewhere - LS does not use tracking cookies" - which is true indeed. Although making clear your site and the LS site are not one and the same, no comment/explanation has been made in regard to your site - thus leaving the question wide open and unanswered. That didn't help in clearing up the issue at all.

No one is questioning your integrity as far as I see it.

That all being said:

Indeed question(s) remained to be answered (not all in specific by you, Tom!). One of them is why the initial question has been removed twice from the LS board, instead of answering them - if only stating the matter will be looked into, and an answer would follow asap.

Most probably, many are still looking forward to a reply.

Finally: let's get this over and done with in a decend and mature way. All are adults, and fighting for the same cause. No one will benefit from controversy - except the ones you are fighting.

I have, aprox. 10 hours ago. No answer yet. FYI: I merely asked to address this thread and explain to me in private mail.

we will take care of any internal matters about the way posts were dealt with internally and not in the public.

Click to expand...

I'll take it, using the word "we" implies you are talking on behalf of the Lavasoft Team. Although it's LS perrogative to do whatever they feel like, as an impartial outsider I personally do consider this a very unwise decision in regard to this issue.

Deleting polite, to the point and valid questions/postings at random without providingany reason at all, will reflect badly on a board focussing on freedom of speech and privacy, and is bound to make people wonder.

Since you seem to talk on behalf of the Lavasoft Team, I kindly ask you/LS to reconsider.

The Lavasoft site (www.lsfileserv.com) does NOT use cookies at all.
As I said http://tomcoyote.com/lsindex.html is one of our mirror sites and
NOT the Lavasoft "homepage" as mentioned here before.

The two postings in question where entitled "Ad-aware contains spyware" and
"tracking cookie? cookie placed by Ad-aware"

Both statements are nothing more than downright lies and an attempt to intentionally discredit
our product and to mislead our users.
Neither does Ad-aware contain spyware, nor is "Ad-aware placing any
cookies".

And none of the above statements have even remotely anything to do with the
cookie placed by one of our mirror sites.

Since there have been several attempts to slander us in the same fashion a few
weeks ago, they were treated like all other attacks we have had on our board,
they were removed without prior notice.

If anybody has a legitimate question regarding any cookies placed by Tom's
site, they are welcome to post them on the board and they will be answered
like any other posting. But people who's only goal it is to create trouble
just like this one, are not welcome on our board and will be treated
accordingly.

It is tragic to see that slandering Lavasoft seems to be the only way Mr
PepiMK can promote his sorry attempt to create a product like Ad-ware.

The accusations you or one of your co-workers have made against us are very
serious.So Mr PepiMk I would like you to explain to us in detail the cookie on
Tom's site and why it is considered a "tracking cookie" by you?

Considering the Ad-aware badmouthing that can be found in your forum I
think this all was a cry for attention nothing more nothing less.
Instead of trying to slander us, you should rather spend your time fixing
your software. It is accidentally (?) creating numerous registry keys while
"scanning" that are not related to your software directly. Are you trying to
thrash the users registry?

The two postings in question where entitled "Ad-aware contains spyware" and
"tracking cookie? cookie placed by Ad-aware"

Click to expand...

In order to have this settled once and for all, I invite both PepkiMK and LS to post the contents and subject line from the posts in question. This way, there will and can be no doubt for all concerning a possible slander - or not.

While waiting for the above mentioned, I urge all to refrain from bashing.

The main goal for LS/Adaware and SpyBot S &D is fighting a common enemy - fighting one another will make this common enemy laughing all the way to the bank.

Tom has indicated he is not in control of the cookies on his site and does post a notice regarding such with a link to his providers privacy statement. I don't see what more he can or should do with respect to that.

These cookies are orginating from freeservers. These tracking cookies I'm quite certain go beyond just tracking tomcoyote.com site related matters and IMO most likely track across the mishmash network of sites and servers maintained by the registrant of freeservers which is About, Inc. About Inc, is the registrant of Northsky and the aboutwebservices.com network of sites. All of the sites in the About group are free service types (Freeservers, Bizhosting, Community Architect, 50megs, SiteTracker, FreePolls, FreeStats, RankPeople - real yuk on the last one).

So it is likely that tracking is being done across the board of sites within this network, which can be handled easily with a simple killing of the cookie. There is no reason why freeservers should be using cookies to obtain aggregate data on the site IMO. It is totally unneccesary to gather the type of data they claim they are using the cookies for.

As a side note and simply an FYI the apparent owner of the entire mess is either a part of the Above.net network or above.net is their service provider. I'm still not certain which. The trail is pretty clouded here. But in any event the Above.net network is owned by MFN which is currently 3.3 billion in debt and unable to make interest payments so I would expect that some interuptions and changes to occur over the next couple months on this net block.

This topic is spinning wildly out of control. We, the SpyCatchers, should be cooperating, be friends, instead of having arguments, fighting like enemies.
I've mailed to TomCoyote and Bee to offer my excuses if I caused them any distress. I never wanted to slander them. Ad-aware, SpyBot, X-cleaner, and.doxdesk, and averybody else on the anti-spyware side, should be a closed front. If not, we will lose the struggle. So, accept my humble appologies, let us shake hands and close this topic.